Reputation: 349
I would like to authenticate in App1 and then click a link to App2 and not have to authenticate again. I figure this is a very common scenario. And this doc says it is super easy to achieve. So I created an Identity authenticating app verbatim from the instructions here.
I applied the 2 extra lines of code as suggested in the doc:

    services.AddDataProtection()
        .PersistKeysToFileSystem("{PATH TO COMMON KEY RING FOLDER}")
        .SetApplicationName("SharedCookieApp");
    services.ConfigureApplicationCookie(options => {
        options.Cookie.Name = ".AspNet.SharedCookie";
    });

I then deployed it to my local IIS server (https://localhost/App1) and it was working perfectly.
For App2, I applied the same two lines of code as above and deployed it to my local IIS server (https://localhost/App2). After authenticating to App1 and then clicking the link to App2, I got an error: "No authenticationScheme was specified, and there was no DefaultChallengeScheme found". I figured I had to be missing something in App2, but the doc only ever cites those two lines of code. Anyhow, I tried adding each of the following 4 options (not all at the same time) to make it happy and nothing worked.

    services.AddAuthentication("Identity.Application");

    services.AddAuthentication(); // fails asking for default schema and challenge

    services.AddDefaultIdentity<IdentityUser>().AddEntityFrameworkStores<SharedAuthContext>(); // fails

    services.AddAuthentication(options =>
    {
        options.DefaultScheme = CookieAuthenticationDefaults.AuthenticationScheme;
        options.DefaultChallengeScheme = CookieAuthenticationDefaults.AuthenticationScheme;
    });

Something is obviously missing from App2, but I cannot figure out what.
Upvotes: 1
Views: 1477
Reputation: 11131
CookieAuthenticationDefaults.AuthenticationScheme is a constant string with value "Cookies".
Identity framework uses different names for its cookies.
IdentityConstants.ApplicationScheme -> "Identity.Application"
IdentityConstants.ExternalScheme -> "Identity.External" (we're not interested in this)
So you should change the names to

    services.AddAuthentication(options => {
        options.DefaultScheme = "Identity.Application";
        options.DefaultChallengeScheme = "Identity.Application";
    }).AddCookie("Identity.Application", options => { ... });

Also refer to Microsoft docs on sharing cookies between apps.
https://learn.microsoft.com/en-us/aspnet/core/security/cookie-sharing?view=aspnetcore-5.0
Upvotes: 3
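
The configuration discussed in this thread, written out as a full Startup class for App2. This is an added example, not code from the question, the answer, or the Microsoft doc. It assumes App2 only consumes the cookie and does not register Identity itself, that both apps sit under one host as in the question, and the names Startup, KeyRingPath and SharedScheme are hypothetical.

```csharp
using System.IO;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.DataProtection;
using Microsoft.Extensions.DependencyInjection;

public class Startup
{
    // Placeholder from the question: the same folder App1 persists its key ring to.
    // Both app pool identities need access to it and nobody else should have it,
    // because anyone who can read the keys can forge a valid cookie.
    private const string KeyRingPath = @"{PATH TO COMMON KEY RING FOLDER}";

    // Same value as IdentityConstants.ApplicationScheme, the scheme App1 signs in with.
    private const string SharedScheme = "Identity.Application";

    public void ConfigureServices(IServiceCollection services)
    {
        // Key ring location and application name must match App1 exactly,
        // otherwise App2 cannot decrypt the ticket that App1 issued.
        services.AddDataProtection()
            .PersistKeysToFileSystem(new DirectoryInfo(KeyRingPath))
            .SetApplicationName("SharedCookieApp");

        // Naming a default scheme is not enough on its own: a cookie handler
        // has to be registered under that same scheme name.
        services.AddAuthentication(SharedScheme)
            .AddCookie(SharedScheme, options =>
            {
                options.Cookie.Name = ".AspNet.SharedCookie";
                // Without an explicit path the cookie is scoped to the issuing
                // app's path base (/App1) and the browser never sends it to /App2.
                options.Cookie.Path = "/";
            });

        services.AddControllersWithViews();
    }

    public void Configure(IApplicationBuilder app)
    {
        app.UseRouting();
        app.UseAuthentication();   // reads and validates the shared cookie
        app.UseAuthorization();
        app.UseEndpoints(endpoints => endpoints.MapDefaultControllerRoute());
    }
}
```

App1 issues the cookie, so it needs the same `options.Cookie.Path = "/"` inside its `ConfigureApplicationCookie` call for the browser to send the cookie to App2 at all.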